If they want a US conviction, yes. Have to survive the trial with enough awareness to be competent to stand trial.

So you could chop off their arms and legs, but not their heads. Depending on the numerosity of the potential defendants, things could get seriously Game of Thrones.

Edit: don't forget that intestines, eyes, and genitals are optional too. Have I covered the more prurient aspects of bounty hunting reprobates? Further exploration is probably not worth up votes, right?

If they want a US conviction, yes. Have to survive the trial with enough awareness to be competent to stand trial.

So you could chop off their arms and legs, but not their heads. Depending on the numerosity of the potential defendants, things could get seriously Game of Thrones.

Edit: don't forget that intestines, eyes, and genitals are optional too. Have I covered the more prurient aspects of bounty hunting reprobates? Further exploration is probably not worth up votes, right?

Maybe someday everyone will finally wakeup and realize that software/IT security is important and not make it the first thing that gets taken off the list.

Perhaps it will even become part of the Computer Science education

If Obama wanted to do something that would be the equivalent of sending a man to the moon, he should start an initiative on software security that will both create jobs, spur innovation, educate the nation and even attract the young to math, science and computer science.

Create a set of security standards similar in structure to Energy Star and allow companies volunteer to submit to get a Security Star rating. Hire the best the brightest to man the labs.

That would be money well spent versus money we give to DHS and to militarize the police and give them MARPS for no-knock SWAT raids where many innocent lives have been lost to stupid policies.

I am not a fan of big government by any stretch, but I see a role that could be played here that makes sense at least to me.

Can someone explain me why game servers and game websites are the ones most affected by DDOS attacks on the Internet? I find it amazingly strange, as games are supposed to be fun. Not incentive criminal behavior.

Even in forums when someone looks for a protected ddos host, its always someone related to gaming or hosting some game server.

Is this because gamers attracts kids or low life people or just plain criminals?

I think or want to think at least, because it attract kids and they don´t know or don´t care that dossing is illegal. They take it like a prank. So should we start to teach at schools that dossing is a crime and it can land you on jail?

Or should parents start to control what their kids do online?

If the FBI wants to get dos attackers they have it SO EASY, just look where gamers are and you will find them or go ask some game servers owners if they ever received attacks and the answer will be always yes, so just filter their servers.

Please otherwise someone explain me why games attract more dos attacks than anything else on the Internet, not even political or religious websites are attacked as game servers are. I´m just curious of why this trend is special hot on gaming.

Also, I think authorities should catch at least some of them and make an example, because while I don´t have game servers I can understand the suffering of those that do and have to deal with this, not to mention if its a freelancer and he is trying to make a living with his role playing game. Its just so unfair for them since they can´t do anything except shut down. This is true for anyone that receives attacks, it disrupts their business. Its similar to someone locking your house down and not letting you go to work.

Best put the money into a better defense rather than lining up for an offensive. The chances of catching one person behind this is low and then persecuting any one individual - particularly if they are in another country - is even lower. Looks like a black hole for further expenditure.

A knee-jerk reaction that wasn't well thought-through; anger prevailed and the result - as in many online anger-infused scenarios - ensues a regrettable set of events, the last of which was effected by the victim.

Can someone explain me why game servers and game websites are the ones most affected by DDOS attacks on the Internet? I find it amazingly strange, as games are supposed to be fun. Not incentive criminal behavior.

Even in forums when someone looks for a protected ddos host, its always someone related to gaming or hosting some game server.

Is this because gamers attracts kids or low life people or just plain criminals?

I think or want to think at least, because it attract kids and they don´t know or don´t care that dossing is illegal. They take it like a prank. So should we start to teach at schools that dossing is a crime and it can land you on jail?

Or should parents start to control what their kids do online?

If the FBI wants to get dos attackers they have it SO EASY, just look where gamers are and you will find them or go ask some game servers owners if they ever received attacks and the answer will be always yes, so just filter their servers.

Please otherwise someone explain me why games attract more dos attacks than anything else on the Internet, not even political or religious websites are attacked as game servers are. I´m just curious of why this trend is special hot on gaming.

Also, I think authorities should catch at least some of them and make an example, because while I don´t have game servers I can understand the suffering of those that do and have to deal with this, not to mention if its a freelancer and he is trying to make a living with his role playing game. Its just so unfair for them since they can´t do anything except shut down. This is true for anyone that receives attacks, it disrupts their business. Its similar to someone locking your house down and not letting you go to work.

Because when Joe Kidiot ends up playing a random match with a top player in his game of choice and inevitably gets spanked he must get revenge, and actually L2P the game is too hard. Much easier to just rage DDOS; all the kool kids are doing it so what's the harm. Since Kidiot often doesn't have the IP of the person who crushed him a massive DDOS against the server as a whole is the only option. If Joe does have the IP of the person who he's playing launching a DOS against that person to cripple their connection will also lag their ability to play to death.

Can someone explain me why game servers and game websites are the ones most affected by DDOS attacks on the Internet? ---Or should parents start to control what their kids do online?

A gaming website is required to play a particular game. Thus, most people that access it actually want it up and functional. EA is counter example here because they are great at knocking their own servers offline. And many business are attacked daily, those that are already have the protection in place. Remember Anonymous attacking Amazon.com ... nothing to see here, no effect what so ever.

Who would want the game server to go down: Gamer that just lost the game, recently got banned, just for the lulz, to upset an upcoming/ongoing event, maybe to prevent someone from besting them on the leaderboards and finally extortion.

Script kiddies and such can easily knock an unprotected site offline. The protection is expensive and if the game is marginally successful then that protection might well be a barrier to profit.

Recall that the logic/wisdom area of the human brain is not fully functional (ie wired) until mid-twenties and the reasons become less important as comparing your reasoning with that of less than fully functional script kiddie focused on the lulz.

But that does not make sense, if they attack the game server because they are losing, they can´t play either.

Yes its true, I remember when they said they would attack Facebook and Amazon, nothing happen. They had 0 lag for 0 seconds, no effects what so ever attacking the big web guys on the web, so they go after the small guy instead?

That does not make sense if they talk about the "evil" corporation but then just keep hitting the small guy that wants to make a living.

So this persons are just plain evil and selfish? They attack others because they are angry since they lost in some online match? They don´t earn anything by winning a game or losing. Its just time wasted so I don´t understand why someone would get upset by a game....

So this persons are just plain evil and selfish? They attack others because they are angry since they lost in some online match? They don´t earn anything by winning a game or losing. Its just time wasted so I don´t understand why someone would get upset by a game....

I want to thank you for (finally) acknowledging that some people who happen to be gamers (and typically morally deficient ones and/or kids) are evil and not the entire demographic. Your first post was a bit vague, the gross oversimplification of gamers, and often the message behind the message is lost to readers who are not gamers.

Most kids when faced with any type of competition and lose, their first instinct is to figure out how to cheat to win next time. It happens absolutely everywhere. I would daresay it is nearly universal, and being honest and a good sportsman about playing is a hard learned behavior. This creates a tinderbox of trouble for online FPS gaming communities and servers. There is almost no accountability and the more nefarious participants do whatever the hell they want.

I find it a sad state of affairs when learning how to commandeer (or rent) a botnet to perform a massive DDOS is cheaper, easier, and more fun than learning to play an online game fairly. Of course, the same rage-mind thinking is evident in shooting up a car because the music is too loud, or chasing down and killing a teenager for carrying Skittles while wearing a hoodie.

We have spent BEELIONS on the NSA's infrastructure, like the huge black hole in Utah. IMHO, it's about time they started earning their pay. I'm sure they know who is doing this. SO, GET BUSY, NSA. Stop those idiots. The FBI would be glad to help. Just tell them who and where.

[quote="nibb"]Can someone explain me why game servers and game websites are the ones most affected by DDOS attacks on the Internet? I find it amazingly strange, as games are supposed to be fun. Not incentive criminal behavior.

Game companies are frequently attacked because their business model requires them to be online. For most companies having their website inaccessible is an inconvenience, sometimes a major one, but the business itself doesn't materially suffer. Game companies though *have* to be up and running or their customers can't use their product. So the companies are, or were, frequently willing to pay blackmail monies to make the whole DDOS thing go away.

Best put the money into a better defense rather than lining up for an offensive. The chances of catching one person behind this is low and then persecuting any one individual - particularly if they are in another country - is even lower. Looks like a black hole for further expenditure.

A knee-jerk reaction that wasn't well thought-through; anger prevailed and the result - as in many online anger-infused scenarios - ensues a regrettable set of events, the last of which was effected by the victim.

He's paying the wrong people. Should pay some experts to find the people, and then pay another team to deal with the problem permanently. And site that suffers DDOS should do the same. People need to learn the hard way what happens when you disrupt services that millions depend on.

We have spent BEELIONS on the NSA's infrastructure, like the huge black hole in Utah. IMHO, it's about time they started earning their pay. I'm sure they know who is doing this. SO, GET BUSY, NSA. Stop those idiots. The FBI would be glad to help. Just tell them who and where.

No, don't send the FBI. Send DEVGRU and deal with the problem permanently.

In fact I read the whole poster thinking it was related and they were being clever. Hoping the next line would reveal the angle but just getting more confused as to how these $4 $13 $25 payouts were going to work. Finally remembering, this is Ars, the photo doesn't have to be the slightest bit relevant.

"If there are two orchestrators, the company is willing to offer an unusual bargain; total amnesty for the one who reports the other."(The two DDOSers raise their eyebrows, then glower at each other, then at the phone)

I'm still patching a PC game (Battlezone II), originally released in 1999. Game servers aren't centralized, but hosted by whomever pushes the "create game" button. Sessions have been occasionally suffering from DDOS attacks from a vocal minority of players who disagree with other game's choices of mode (PvE is attacked, not PvP) or even map/mod -- anything not running their favorite mod is sometimes attacked. Most of the remaining players for that PvP mode *WILLINGLY* play with those griefing players, and defend doing that to others. They're not even embarrassed or apologetic about those griefers, but even stand up for them. When pressed, they defend playing with griefers because they fear their games will be similarly destroyed if they tell the griefers to go away -- they're more concerned about their games in the short term than long-term community survival.

Somewhat tellingly, players playing PvE have pretty much never deliberately griefed other games, other than occasionally joining a PvP and being a n00b and hurting whatever team they're on by the additional deaths.

Best put the money into a better defense rather than lining up for an offensive. The chances of catching one person behind this is low and then persecuting any one individual - particularly if they are in another country - is even lower. Looks like a black hole for further expenditure.

A knee-jerk reaction that wasn't well thought-through; anger prevailed and the result - as in many online anger-infused scenarios - ensues a regrettable set of events, the last of which was effected by the victim.

That's the beauty of a bounty, though. If the terms aren't met -- in this case, the perpetrator being caught *and convicted* -- then posting the bounty cost them nothing.

How many infected computers does it take to bring down a site like this? Do they use the Low Orbit Ion Cannon or something more sophisticated?

Probably not many. Wurm has never enjoyed a large subscriber base (relative to most mmos -- although it has been doing better the past couple of years I think) and the servers tended to melt down pretty easily whenever the game saw a spike in interest due to a major update or well-exposed article. That was the reason they were already planning on moving to a new host.

Honestly this game's community is already pretty used to occasional outages like this (not usually DDoS though).

Best put the money into a better defense rather than lining up for an offensive. The chances of catching one person behind this is low and then persecuting any one individual - particularly if they are in another country - is even lower. Looks like a black hole for further expenditure.

The trouble is that defending against DDoS attacks costs money.

There should be no money that has to be spent by the innocent on protecting themselves against illegal activity. Instead, all the costs of crime should be borne by the criminal.

This ideal can't be reached in practice. That's why we put locks on our doors. And we even lock criminals in jail at great expense instead of just shooting them dead - or, better yet, torturing them to death, so as to more quickly deter others.

But punishing crime instead of relying exclusively on defensive security measures does bring down the cost of keeping crime down to a tolerable level radically, which is why all organized societies have police and jails.

The Internet, of course, does pose special challenges in finding and dealing with perpetrators.

There are ways to deal with them.

Back when Belarus virus writers were getting people's computers to dial 900 numbers... the treaty forcing those calls to be paid for could have been scrapped and replaced by a new one, with Belarus winding up disconnected from international long-distance calls if it didn't like it.

Similarly, foreign countries that don't show a reasonable level of effort to find those who orchestrate DDoS attacks might find themselves disconnected from the Internet.

Still, the real problem is that common operating systems, like Microsoft Windows, were released with vulnerabilities that hackers can exploit to create botnets that engage in DDoS attacks. If the market is unable to prevent such shoddy practice, the government should step in.